数据库密码加密解密
1.引入依赖
<dependency><groupId>com.github.ulisesbocchio</groupId><artifactId>jasypt-spring-boot-starter</artifactId><version>2.1.0</version></dependency>
2.配置秘钥
#jasypt:
#encryptor:
#password: EbfYkitulv73I2p0mXI50JMXoaxZTKJ7
这种方式上传后能看到秘钥不合适改为下面这种方式
本地运行
改为通过环境变量来传参打包
3.对数据库进行加密
import org.gomeet.southsea.WebAppApplication;import org.jasypt.encryption.StringEncryptor;import org.junit.Assert;import org.junit.Test;import org.junit.runner.RunWith;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.boot.test.context.SpringBootTest;import org.springframework.test.context.junit4.SpringRunner;import org.springframework.test.context.web.WebAppConfiguration;@RunWith(SpringRunner.class)@SpringBootTest(classes = WebAppApplication.class)@WebAppConfigurationpublic class EncryptTest {@Autowiredprivate StringEncryptor encryptor;@Testpublic void getPass() {String url = encryptor.encrypt("jdbc:mysql://rm-uf68p71xwhe12n103zo.mysql.:3306/gomeet_x?characterEncoding=utf-8");String name = encryptor.encrypt("shenzheng_rw1");String password = encryptor.encrypt("SheZhEn9843#kjkdfdff");System.out.println("加密后url"+url);System.out.println("加密后name"+name);System.out.println("加密后password"+password);}}4.修改配置文件为加密后的```javaspring:datasource:name: dburl: ENC(4RND3PPFNZGgC164PzRr+eQUssSljuWTg4V4VtpfgqNtlY0NQ12cwxJ2oKqF2IKRcvrCDIhuGaVl36b1oo7GSc/FlgWxCFB8AmS3svObFkAIqt9d/pDmZ+Qk9lBxXox7jyOKZOx+viDOZaC0NggfgQ==)username: ENC(TsmrCCGhwT0I2uwi/aSqt5HA7rU+Tg4e)password: ENC(dmV99ecbcKjL09oBSrp4F0nG7COndZ+JLDrzgI1gQFM=)driver-class-name: com.mysql.jdbc.Driver
5.打成jar包方式运行传入秘钥
java -jar -Djasypt.encryptor.password=G0CvDz7oJn6 xxx.jar
自己配置加密解密方法
//自定义加密方法@Configurationpublic class EncryptPropertyConfig{@Bean("jasyptStringEncryptor")public StringEncryptor stringEncryptor() {PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();SimpleStringPBEConfig config = new SimpleStringPBEConfig();config.setPassword("password");config.setAlgorithm("PBEWithMD5AndDES");config.setKeyObtentionIterations("1000");config.setPoolSize("1");config.setProviderName("SunJCE");config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");config.setStringOutputType("base64");encryptor.setConfig(config);return encryptor;}}自定义解密方法@Configurationpublic class DecyptPropertyConfig {@Bean(name = "encryptablePropertyResolver")public EncryptablePropertyResolver encryptablePropertyResolver() {return new EncryptionPropertyResolver();}class EncryptionPropertyResolver implements EncryptablePropertyResolver {@Overridepublic String resolvePropertyValue(String value) {if (StringUtils.isBlank(value)) {return value;}// 值以enc开头的需要解密if (value.startsWith("ENC")) {return JasyptUtils.decyptPwd(value.substring("ENC@".length()));}// 不需要解密的值直接返回return value;}}}public class JasyptUtils {public static SimpleStringPBEConfig cryptOr() {SimpleStringPBEConfig config = new SimpleStringPBEConfig();config.setPassword(JasptConstant.Password);config.setAlgorithm(StandardPBEByteEncryptor.DEFAULT_ALGORITHM);config.setKeyObtentionIterations("1000");config.setPoolSize("1");config.setProviderName("SunJCE");config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");config.setStringOutputType("base64");return config;}//加密public static String encryptPwd(String value) {PooledPBEStringEncryptor encryptOr = new PooledPBEStringEncryptor();encryptOr.setConfig(cryptOr());String result = encryptOr.encrypt(value);return result;}//解密public static String decyptPwd(String value) {PooledPBEStringEncryptor encryptOr = new PooledPBEStringEncryptor();encryptOr.setConfig(cryptOr());String result = encryptOr.decrypt(value);return result;}
